From 9483b1ec7aa0c82d85ec3aa22bd4f10cb388ecfa Mon Sep 17 00:00:00 2001 From: Julien Rische Date: Tue, 23 May 2023 12:19:54 +0200 Subject: [PATCH] [downstream] Make PKINIT CMS SHA-1 signature verification available in FIPS mode We recommend using the SHA1 crypto-module in order to allow the verification of SHA-1 signature for CMS messages. However, this module does not work in FIPS mode, because the SHA-1 algorithm is absent from the OpenSSL FIPS provider. This commit enables the signature verification process to fetch the algorithm from a non-FIPS OpenSSL provider. Support for SHA-1 CMS signature is still required, especially in order to interoperate with Active Directory. At least it is until elliptic curve cryptography is implemented for PKINIT in MIT krb5. --- src/plugins/preauth/pkinit/pkinit_crypto_openssl.c | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c index bfa3fe8e91..ca105d2421 100644 --- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c @@ -1885,8 +1885,17 @@ cms_signeddata_verify(krb5_context context, if (oid == NULL) goto cleanup; +#if OPENSSL_VERSION_NUMBER >= 0x30000000L + /* Do not use FIPS provider (even in FIPS mode) because it keeps from + * allowing SHA-1 signature verification using the SHA1 crypto-module + */ + cms = CMS_ContentInfo_new_ex(NULL, "-fips"); + if (!cms) + goto cleanup; +#endif + /* decode received CMS message */ - if ((cms = d2i_CMS_ContentInfo(NULL, &p, (int)signed_data_len)) == NULL) { + if (!d2i_CMS_ContentInfo(&cms, &p, (int)signed_data_len)) { retval = oerr(context, 0, _("Failed to decode CMS message")); goto cleanup; } -- 2.40.1